Expert Insight: Docker Malware Is Now Common – Devs Need To React Accordingly

Towards the end of 2017, there was a major shift in the malware scene. As cloud-based technologies became more popular, cybercrime gangs began targeting Docker and Kubernetes systems. Most of these attacks followed a very simple pattern where threat actors scanned for misconfigured systems that had admin interfaces exposed online in order to take over servers and deploy cryptocurrency-mining malware.

Over the past three years, these attacks have intensified, and new malware strains and threat actors targeting Docker (and Kubernetes) are now being discovered on a regular basis.  

But despite the fact that malware attacks on Docker servers are now commonplace, many web developers and infrastructure engineers have not yet learned their lesson and are still misconfiguring Docker servers, leaving them exposed to attacks. The most common of these mistakes is leaving Docker remote administration API endpoints exposed online without authentication.
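An added example, not part of the original article: a small audit of a Docker `daemon.json` that flags TCP API listeners configured without client-certificate (mutual TLS) authentication, the misconfiguration described above. The sample configurations and certificate paths are constructed; `hosts`, `tlsverify`, `tlscacert`, `tlscert` and `tlskey` are dockerd's own configuration keys.

```python
import json
from urllib.parse import urlsplit

LOOPBACK = {"127.0.0.1", "::1", "localhost"}

def audit_daemon_config(text):
    """Return one finding per TCP listener that lacks mutual-TLS authentication."""
    cfg = json.loads(text)
    # tlsverify makes dockerd require a client certificate signed by tlscacert.
    mutual_tls = bool(cfg.get("tlsverify")) and all(
        cfg.get(key) for key in ("tlscacert", "tlscert", "tlskey"))
    findings = []
    for host in cfg.get("hosts", []):
        url = urlsplit(host)
        if url.scheme != "tcp":
            continue  # unix:// and fd:// listeners are not reachable over the network
        if mutual_tls:
            continue  # API callers must present a trusted client certificate
        # Assumption: a listener with no explicit host is treated as non-loopback.
        loopback = url.hostname in LOOPBACK
        scope = "loopback only" if loopback else "network-reachable"
        findings.append(f"{host}: no client-certificate authentication ({scope})")
    return findings

# Constructed sample: remote API bound to every interface with no TLS settings.
WEAK = json.dumps({
    "hosts": ["unix:///var/run/docker.sock", "tcp://0.0.0.0:2375"],
})

# Constructed sample: same listener, but clients must authenticate with a certificate.
HARDENED = json.dumps({
    "hosts": ["unix:///var/run/docker.sock", "tcp://0.0.0.0:2376"],
    "tlsverify": True,
    "tlscacert": "/etc/docker/certs/ca.pem",      # constructed path
    "tlscert": "/etc/docker/certs/server.pem",    # constructed path
    "tlskey": "/etc/docker/certs/server-key.pem"  # constructed path
})

if __name__ == "__main__":
    for name, sample in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, audit_daemon_config(sample) or "no findings")
```

The check covers `daemon.json` only; listeners passed to dockerd with `-H` on the command line or in a service unit need the same review.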

https://www.zdnet.com/article/docker-malware-is-now-common-so-devs-need-to-take-docker-security-seriously/

Experts Comments

December 02, 2020
Mark Bower
Senior Vice President
comforte AG
Platforms like Kubernetes enable immense application delivery power. However, the built-in security controls reflect classical data-at-rest and transport encryption, perimeter, and access control based security. While these controls are important, the last decade has seen leading enterprises and data processors shift towards data-centric over perimeter controls to combat advanced malware, ransomware, and insider risk to sensitive data. Fundamentally, to thwart the variations of malware and attacks from misconfiguration or API exploitation, a data-centric approach is vital even with advanced container and app orchestration ecosystems to avoid data compromise or attacks that can create havoc for data-hungry enterprises depending on them.
